Lucene search
MitreCVELIST:CVE-2016-4360HistoryJun 08, 2016 - 2:00 p.m.
CVE-2016-4360
2016-06-0814:00:00
mitre
www.cve.org
4
web/admin/data.js in the Performance Center Virtual Table Server (VTS) component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 do not restrict file paths sent to an unlink call, which allows remote attackers to delete arbitrary files via the path parameter to data/import_csv, aka ZDI-CAN-3555.
Related
nessus
nessus
HPE LoadRunner Virtual Table Server import_csv Remote File Deletion DoS
2016-07-07 00:00:00
HP LoadRunner 11.52 / 12.00 / 12.01 / 12.02 / 12.50 Multiple Vulnerabilities
2016-06-10 00:00:00
HP Performance Center 11.52.x / 12.x < 12.53 Multiple Vulnerabilities
2016-09-30 00:00:00
cve
cve
CVE-2016-4360
2016-06-08 14:59:42
prion
prion
Code injection
2016-06-08 14:59:00
nvd
nvd
CVE-2016-4360
2016-06-08 14:59:42
zdi
zdi
openvas
openvas
HPE LoadRunner Multiple Remote Code Execution and DoS Vulnerabilities
2017-04-20 00:00:00